This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa File: d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa (raw, json) Hash identifier: mlKHMzDl0+ykUeWjVC7hxg2x7uSci4fOePh1fZg9F50= Subject key identifier: 7F:80:69:6A:64:CE:EF:C9:D3:45:EB:DC:CB:E5:44:AC:49:49:8A:62 Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Certificate serial: 1129997B111E16CA2A96E5B86B1A3B8517EC4F Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa Signing time: Tue 25 Nov 2025 20:10:34 +0000 ROA not before: Tue 25 Nov 2025 20:10:34 +0000 ROA not after: Mon 23 Feb 2026 23:59:59 +0000 asID: 16509 IP address blocks: 2a05:d073:c040::/46 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:29:99:7b:11:1e:16:ca:2a:96:e5:b8:6b:1a:3b:85:17:ec:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc Validity Not Before: Nov 25 20:10:34 2025 GMT Not After : Feb 23 23:59:59 2026 GMT Subject: serialNumber=ffb784a62402d39139a3a3766f3ffed7b1d4e242ebce62e313b42751c31f1320, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:8c:a1:73:b6:17:55:ac:d1:c5:d2:24:68:8d: 90:2a:ba:89:ce:1e:43:d2:bb:d1:f7:7f:95:0c:bc: 46:8c:10:c2:cf:1f:d8:22:c2:da:c7:5d:9b:44:8c: 35:8e:a0:ce:d6:73:1a:1a:82:d3:4b:0e:1d:c4:3a: b6:28:1a:b0:ef:d3:e8:9e:c5:a5:ef:0d:e1:45:c5: 1c:21:11:c8:f1:4d:5c:f6:37:cd:d2:87:44:0d:d9: ae:2e:8c:c8:78:92:24:60:2e:9e:30:b4:fe:a2:ff: ae:35:cf:1b:9b:2d:1b:c3:25:3a:71:6b:e6:a9:8e: e6:cd:a6:8d:79:5d:2a:b1:3a:3a:c7:be:f2:83:ab: 8f:d9:8b:dc:54:76:10:3a:a0:5c:2c:01:f8:b1:19: db:7d:22:31:1c:77:5c:eb:a0:97:21:a7:7a:6a:59: b7:5c:f3:49:8f:a4:37:a8:72:e8:f7:8d:8c:22:09: 90:15:cc:c5:53:5d:c7:86:a6:c9:e0:ec:ea:68:4b: 8e:7e:2e:06:ce:2b:91:1b:23:f0:4d:f1:b7:50:7b: f5:7e:25:39:fa:ed:51:0e:54:da:b3:93:94:08:55: da:9a:02:d6:b5:7a:7d:01:1a:c2:b8:99:50:bc:a8: 4a:fd:93:fc:6a:27:a4:4b:4d:e5:bb:a5:34:b4:b1: d6:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:80:69:6A:64:CE:EF:C9:D3:45:EB:DC:CB:E5:44:AC:49:49:8A:62 X509v3 Authority Key Identifier: keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1c01c92-4a2e-40c8-9b72-e653ac9896ca.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:d073:c040::/46 Signature Algorithm: sha256WithRSAEncryption aa:b4:eb:7b:70:84:a8:a2:54:e3:93:94:73:a6:c8:1f:21:3f: 7b:3a:2c:f2:44:f6:33:91:b0:6e:ee:f7:5d:8a:6c:01:e4:78: 51:ab:f2:d7:c2:d6:84:6f:55:9d:61:53:a3:73:56:ea:0a:fa: 20:e9:44:3c:9e:5c:4f:13:78:70:e0:62:07:ee:b7:b8:e3:20: ed:c8:9c:8c:bb:7b:83:c4:48:74:70:25:c1:15:81:98:71:c2: 53:da:8e:e2:7b:e2:a0:f0:b7:95:a5:2b:44:83:02:50:17:89: 7a:74:22:37:9d:f2:be:d0:39:ca:bc:97:ff:40:eb:c5:c4:ec: 55:ed:c1:d2:d3:a9:42:7f:13:63:cb:ee:1e:d1:5f:7a:2d:3b: dd:6a:09:34:30:2e:ca:8b:f5:34:7a:00:06:5a:16:36:78:eb: 53:fa:07:a5:93:f4:8a:cd:90:b3:5c:ff:b5:89:a5:0a:56:15: 35:93:4d:f3:35:1f:c7:f0:4f:c8:f3:08:df:53:38:7b:b4:5d: e1:0b:66:9d:64:34:9a:f4:b2:ff:56:81:3c:df:da:6e:9a:04: b6:f4:c0:8c:c6:f9:44:62:6d:e6:f2:df:0d:95:66:67:a4:9b: 4a:c1:f0:2e:a6:74:ae:e9:31:ad:b6:bd:df:c4:17:c0:6a:16: cb:5d:61:db -----BEGIN CERTIFICATE----- MIIFYDCCBEigAwIBAgITESmZexEeFsoqluW4axo7hRfsTzANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEyg4YjYyNjNkYmU5Nzk5ZGQ2NzkzZTBlODgyYWQyMWNiNDg0 OTk3MGJjMB4XDTI1MTEyNTIwMTAzNFoXDTI2MDIyMzIzNTk1OVowejFJMEcGA1UE BRNAZmZiNzg0YTYyNDAyZDM5MTM5YTNhMzc2NmYzZmZlZDdiMWQ0ZTI0MmViY2U2 MmUzMTNiNDI3NTFjMzFmMTMyMDEtMCsGA1UEAxMkNjYxNWEzOGItM2FkNy00N2I3 LThmYjItNjg1YzM4ZDAwOTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmoyhc7YXVazRxdIkaI2QKrqJzh5D0rvR93+VDLxGjBDCzx/YIsLax12bRIw1 jqDO1nMaGoLTSw4dxDq2KBqw79PonsWl7w3hRcUcIRHI8U1c9jfN0odEDdmuLozI eJIkYC6eMLT+ov+uNc8bmy0bwyU6cWvmqY7mzaaNeV0qsTo6x77yg6uP2YvcVHYQ OqBcLAH4sRnbfSIxHHdc66CXIad6alm3XPNJj6Q3qHLo942MIgmQFczFU13HhqbJ 4OzqaEuOfi4GziuRGyPwTfG3UHv1fiU5+u1RDlTas5OUCFXamgLWtXp9ARrCuJlQ vKhK/ZP8aiekS03lu6U0tLHWVwIDAQABo4ICJDCCAiAwHQYDVR0OBBYEFH+AaWpk zu/J00Xr3MvlRKxJSYpiMB8GA1UdIwQYMBaAFItiY9vpeZ3WeT4OiCrSHLSEmXC8 MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvaTJKajItbDVu ZFo1UGc2SUt0SWN0SVNaY0x3LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j b20vdm9sdW1lL2RiYThmMDFjLTk2NjktNDRhMy1hYzZlLWRiMmVkYjA5OWI4NC9k MWMwMWM5Mi00YTJlLTQwYzgtOWI3Mi1lNjUzYWM5ODk2Y2Eucm9hMIGIBgNVHR8E gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h d3MuY29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTli ODQvdU9EYXRkdFljMUhyaHRVUVZReXJESzA4R2VJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcCKgXQc8BA MA0GCSqGSIb3DQEBCwUAA4IBAQCqtOt7cISoolTjk5RzpsgfIT97OizyRPYzkbBu 7vddimwB5HhRq/LXwtaEb1WdYVOjc1bqCvog6UQ8nlxPE3hw4GIH7re44yDtyJyM u3uDxEh0cCXBFYGYccJT2o7ie+Kg8LeVpStEgwJQF4l6dCI3nfK+0DnKvJf/QOvF xOxV7cHS06lCfxNjy+4e0V96LTvdagk0MC7Ki/U0egAGWhY2eOtT+gelk/SKzZCz XP+1iaUKVhU1k03zNR/H8E/I8wjfUzh7tF3hC2adZDSa9LL/VoE839pumgS29MCM xvlEYm3m8t8NlWZnpJtKwfAupnSu6TGttr3fxBfAahbLXWHb -----END CERTIFICATE-----Generated at Sat Dec 6 09:49:46 2025 by rpki-client